- Solareum, a Telegram trading platform for Solana-based tokens, recently announced its closure due to a significant security breach
- The breach led to the loss of $523,000 worth of SOL from user wallets, prompting the project’s demise
- Suspicion initially fell on the BONKbot trading bot, but the BONK team denied any connection to the incident
Solareum, a Telegram-based trading platform facilitating transactions with Solana-based tokens, recently announced its imminent closure following a significant security breach. The breach resulted in the loss of approximately $523,000 worth of SOL from user wallets, a theft that proved terminal for the project. The hack was initially suspected to be linked to the popular Telegram trading bot BONKbot, but the team behind the BONK meme coin swiftly denied any involvement.
Solareum Forced to Admit Breach
The hack was revealed in an unusual way, with the Solareum team forced on Friday to deny an exit scam following reports that user wallets were being drained:
There were a lot of accusations going on around about #SOLAREUM exit scam
We at #SOLAREUM team can clarify that we DO NOT steal money. But a lot of $SOLAR users wallet got drained , but this is a part widespread exploit thats happening to other bot projects/Dapp as well.— Solareum (@SolareumProject) March 29, 2024
Concerns continued to mount, however, forcing the team to put out another X post where they admitted that “There maybe [sic] a chance we got exploited.”
The naturally skeptical nature of the crypto space ensured that the accusations continued to pour in regardless, leading to Solareum having to defend itself:
We advise everyone to please stop pointing fingers at us as we are the victim here . Very high chance that exploiters steals tg bot token, they can get all messages of the tg bots history and some users didnt remove the wallet generation message that contain the PK.
— Solareum (@SolareumProject) March 29, 2024
Investigations continued into the weekend, with the team behind BONKbot, initially considered a prime suspect in the breach, clarifying that the exploit appeared to be associated with users importing their private keys into Solareum. While they refrained from publicly blaming Solareum, it was clear where they believed the blame lay.
Solareum Confirms Closure
Following investigations into the breach, Solareum confirmed the worst in the group’s Telegram channel on Saturday:
It is with a profound sense of regret that we announce the closure of the Solareum project. Unfortunately, due to a combination of insufficient funds, evolving market trends, and a recent security breach to our systems, we find ourselves compelled to make this difficult decision.
The post added that “the recent security breach has compromised the integrity of our systems, and we can no longer assure the safety of our users due to the lack of funds,” leading to a raft of complaints and demands for compensation from those who are now out of pocket. This has led to the calls for legal action that typically follow such exploits, but these rarely come to anything, as many accept that this is part and parcel of life in the crypto space.
Solareum continues to deny that it played any part in the loss of funds, and there doesn’t seem to be any evidence yet to suggest that anything more untoward than a third-party breach was behind the loss.